Using PPP Options in Files and on the Command Line

Solaris PPP 4.0 contains a large set of options, which you use
to define your PPP configuration. You use these options in the PPP configuration files,
or on the command line, or by using a combination of files and
command-line options. This section contains detailed information about the use of PPP options
in configuration files and as arguments to PPP commands.

Where to Define PPP Options

Solaris PPP 4.0 configuration is very flexible. You can define PPP options in
the following places:

PPP configuration files

PPP commands that are issued on the command line

A combination of both places

The next table lists the PPP configuration files and commands.

Table 22-1 Summary of PPP Configuration Files and Commands

| File or Command | Description | For Information |
|---|---|---|
| /etc/ppp/options | A file that contains characteristics that apply by default to all PPP links on the system, for example, whether the machine requires peers to authenticate themselves. If this file is absent, nonroot users are prohibited from using PPP. | |

Refer to the pppd(1M) man page for details on the PPP files.
pppd(1M) also includes comprehensive descriptions of all options that are available
to the pppd command. Sample templates for all the PPP configuration files
are available in /etc/ppp.

How PPP Options Are Processed

All Solaris PPP 4.0 operations are handled by the pppd daemon, which starts when a user runs the pppd command. When a user calls a remote peer, the following occurs:

1. The pppd daemon parses the following:

   - /etc/ppp/options
   - $HOME/.ppprc
   - Any files that are opened by the file or call option in /etc/ppp/options and $HOME/.ppprc

2. pppd scans the command line to determine the device in use. The daemon does not yet interpret any options that are encountered.

3. pppd tries to discover the serial device to use by using these criteria:

   - If a serial device is specified on the command line, or in a previously processed configuration file, pppd uses the name of that device.
   - If no serial device is named, then pppd searches for the notty, pty, or socket option on the command line. If one of these options is specified, pppd assumes that no device name exists.
   - Otherwise, if pppd discovers that standard input is attached to a tty, then the name of the tty is used.
   - If pppd still cannot find a serial device, pppd terminates the connection and issues an error.

4. pppd then checks for the existence of the /etc/ppp/options.ttyname file. If the file is found, pppd parses the file.

5. pppd processes any options on the command line.

6. pppd negotiates the Link Control Protocol (LCP) to set up the link.

7. (Optional) If authentication is required, pppd reads /etc/ppp/pap-secrets or /etc/ppp/chap-secrets to authenticate the opposite peer.

The file /etc/ppp/peers/peer-name is read when the pppd daemon encounters the option call peer-name on the command line or in the other configuration files.

How PPP Configuration File Privileges Work

Solaris PPP 4.0 configuration includes the concept of privileges. Privileges determine the
precedence of configuration options, particularly when the same option is invoked in more
than one place. An option that is invoked from a privileged source takes precedence
over the same option that is invoked from a nonprivileged source.

User Privileges

The only privileged user is superuser (root), with the UID of zero. All
other users are not privileged.

File Privileges

The following configuration files are privileged regardless of their ownership:

/etc/ppp/options

/etc/ppp/options.ttyname

/etc/ppp/peers/peer-name

The file $HOME/.ppprc is owned by the user. Options that are read
from $HOME/.ppprc and from the command line are privileged only if the user
who is invoking pppd is root.

Arguments that follow the file option are privileged.

Effects of Option Privileges

Some options require the invoking user or source to be privileged in order
to work. Options that are invoked on the command line are assigned the
privileges of the user who is running the pppd command. These options are not
privileged unless the user who is invoking pppd is root.

| Option | Status | Explanation |
|---|---|---|
| domain | Privileged | Requires privileges for use. |
| linkname | Privileged | Requires privileges for use. |
| noauth | Privileged | Requires privileges for use. |
| nopam | Privileged | Requires privileges for use. |
| pam | Privileged | Requires privileges for use. |
| plugin | Privileged | Requires privileges for use. |
| privgroup | Privileged | Requires privileges for use. |
| allow-ipaddresses | Privileged | Requires privileges for use. |
| name hostname | Privileged | Requires privileges for use. |
| plink | Privileged | Requires privileges for use. |
| noplink | Privileged | Requires privileges for use. |
| plumbed | Privileged | Requires privileges for use. |
| proxyarp | Becomes privileged if noproxyarp has been specified | Cannot be overridden by an unprivileged user. |
| defaultroute | Privileged if nodefaultroute is set in a privileged file or by a privileged user | Cannot be overridden by an unprivileged user. |
| disconnect | Privileged if set in a privileged file or by a privileged user | Cannot be overridden by an unprivileged user. |
| bsdcomp | Privileged if set in a privileged file or by a privileged user | The nonprivileged user cannot specify a code size that is larger than the privileged user has specified. |
| deflate | Privileged if set in a privileged file or by a privileged user | The nonprivileged user cannot specify a code size that is larger than the privileged user has specified. |
| connect | Privileged if set in a privileged file or by a privileged user | Cannot be overridden by a nonprivileged user. |
| init | Privileged if set in a privileged file or by a privileged user | Cannot be overridden by a nonprivileged user. |
| pty | Privileged if set in a privileged file or by a privileged user | Cannot be overridden by a nonprivileged user. |
| welcome | Privileged if set in a privileged file or by a privileged user | Cannot be overridden by a nonprivileged user. |
| ttyname | Privileged if set in a privileged file | Opened with root permissions regardless of who invokes pppd. |
| ttyname | Not privileged if set in a nonprivileged file | Opened with the privileges of the user who invokes pppd. |
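
The privilege rules above can be expressed as a small model. This is an added example, not part of the original documentation and not pppd's own code. The source labels, the home directory path and the welcome script path are constructed. The bsdcomp and deflate code-size limits and the ttyname behaviour are not modelled, and the model only reports which options the rules refuse, not how pppd responds.

```python
# Simplified model of the privilege rules in the table above; not pppd source code.
ALWAYS_PRIVILEGED = {
    "domain", "linkname", "noauth", "nopam", "pam", "plugin", "privgroup",
    "allow-ipaddresses", "name", "plink", "noplink", "plumbed",
}
# Option that sets a lock -> option a nonprivileged source may then no longer use.
LOCKS = {
    "noproxyarp": "proxyarp", "nodefaultroute": "defaultroute",
    "disconnect": "disconnect", "connect": "connect", "init": "init",
    "pty": "pty", "welcome": "welcome",
}

def is_privileged(source, uid):
    """Privileged files count regardless of ownership; anything else only for root."""
    return (uid == 0
            or source == "/etc/ppp/options"
            or source.startswith(("/etc/ppp/options.", "/etc/ppp/peers/")))

def evaluate(sources, uid):
    """sources: (name, [option strings]) pairs in the order pppd reads them.
    Returns (allowed, refused) lists of (source, option) pairs."""
    locked, allowed, refused = set(), [], []
    for source, options in sources:
        priv = is_privileged(source, uid)
        for option in options:
            keyword = option.split()[0]
            if not priv and (keyword in ALWAYS_PRIVILEGED or keyword in locked):
                refused.append((source, option))
                continue
            allowed.append((source, option))
            # Per the table, noproxyarp locks proxyarp from any source; the
            # other locks apply only when set from a privileged source.
            if keyword in LOCKS and (priv or keyword == "noproxyarp"):
                locked.add(LOCKS[keyword])
    return allowed, refused

# Constructed sample: the options.tmpl defaults plus one user's own settings.
SAMPLE = [
    ("/etc/ppp/options", ["lock", "nodefaultroute", "noproxyarp"]),
    ("/export/home/alice/.ppprc", ["defaultroute", "noauth"]),
    ("/etc/ppp/options.cua.b", ["38400", "asyncmap 0xa0000"]),
    ("command line", ["proxyarp", "welcome /tmp/hello"]),
]

if __name__ == "__main__":
    for uid in (1001, 0):
        allowed, refused = evaluate(SAMPLE, uid)
        print("uid", uid, "refused:", refused)
```

For the nonprivileged user the model refuses defaultroute, noauth and proxyarp, while welcome is allowed because no privileged source set it first. For root nothing is refused.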

/etc/ppp/options Configuration File

You use the /etc/ppp/options file to define global options for all PPP
communications on the local machine. /etc/ppp/options is a privileged file. /etc/ppp/options should be owned
by root, although pppd does not enforce this rule. Options that you define in
/etc/ppp/options have precedence over definitions of the same options in all other files
and the command line.

Typical options that you might use in /etc/ppp/options include the following:

lock – Enables UUCP-style file locking

noauth – Indicates that the machine does not authenticate callers

Note - The Solaris PPP 4.0 software does not include a default /etc/ppp/options file.
pppd does not require the /etc/ppp/options file to work. If a machine does
not have an /etc/ppp/options file, only root can run pppd on that machine.

You must create /etc/ppp/options by using a text editor, as shown in How to Define Communications Over the Serial Line.
If a machine does not require global options, you can create an empty
/etc/ppp/options file. Then, both root and regular users can run pppd on the
local machine.

/etc/ppp/options.tmpl Template

The /etc/ppp/options.tmpl contains helpful comments about the /etc/ppp/options file plus three common options for
the global /etc/ppp/options file.

lock
nodefaultroute
noproxyarp

| Option | Definition |
|---|---|
| lock | Enables UUCP-style file locking |
| nodefaultroute | Specifies that no default route is defined |
| noproxyarp | Disallows proxyarp |

To use /etc/ppp/options.tmpl as the global options file, rename /etc/ppp/options.tmpl to /etc/ppp/options. Then,
modify the file contents as needed by your site.

Where to Find Examples of the /etc/ppp/options Files

To find examples of the /etc/ppp/options file, refer to the following:

/etc/ppp/options.ttyname Configuration File

You can configure the characteristics of communications on the serial line in the
/etc/ppp/options.ttyname file. /etc/ppp/options.ttyname is a privileged file that is
read by pppd after parsing any existing /etc/ppp/options and existing $HOME/.ppprc files. Otherwise,
pppd reads /etc/ppp/options.ttyname after parsing /etc/ppp/options.

ttyname is used for both dial-up and leased-line links. ttyname represents a particular serial
port on a machine, such as cua/a or cua/b, where a modem
or ISDN TA might be attached.

When naming the /etc/ppp/options.ttyname file, replace the slash (/) in the device
name with a dot (.). For example, the options file for device cua/b should
be named /etc/ppp/options.cua.b.

Note - Solaris PPP 4.0 does not require an /etc/ppp/options.ttyname file to work
correctly. Your server might have only one serial line for PPP. Furthermore,
the server requires few options. In this instance, you can specify any required
options in another configuration file or on the command line.
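
Because /etc/ppp/options and /etc/ppp/options.ttyname are privileged regardless of ownership, and pppd does not enforce root ownership, it is worth checking who can write to them. The following audit is an added example, not code from the original documentation; the function names, the finding strings and the simplified comment handling are assumptions of this sketch.

```python
import os
import stat

def ttyname_options_path(device, base="/etc/ppp"):
    """cua/b -> /etc/ppp/options.cua.b: the slash in the device name becomes a dot."""
    return os.path.join(base, "options." + device.replace("/", "."))

def audit_privileged_file(path, owner_uid=0):
    """Return a list of findings for one privileged PPP options file."""
    try:
        st = os.lstat(path)  # lstat: report a symlink instead of following it
    except FileNotFoundError:
        return ["missing"]
    if not stat.S_ISREG(st.st_mode):
        return ["not a regular file"]
    findings = []
    if st.st_uid != owner_uid:
        findings.append("owned by uid %d, expected %d" % (st.st_uid, owner_uid))
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("writable by group or others")
    with open(path) as handle:
        for line in handle:
            # Simplification: everything after '#' is treated as a comment.
            words = line.split("#", 1)[0].split()
            if "noauth" in words:
                findings.append("noauth set: callers are not authenticated")
                break
    return findings

def audit(devices, base="/etc/ppp", owner_uid=0):
    """Audit the global options file and one options.ttyname file per device."""
    paths = [os.path.join(base, "options")]
    paths += [ttyname_options_path(dev, base) for dev in devices]
    return {path: audit_privileged_file(path, owner_uid) for path in paths}

if __name__ == "__main__":
    for path, findings in audit(["cua/a", "cua/b"]).items():
        print(path, "->", findings or "ok")
```

A "missing" finding for /etc/ppp/options is not an error in itself: as noted above, it means that only root can run pppd on that machine.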

Using /etc/ppp/options.ttyname on a Dial-in Server

For a dial-up link, you might choose to create individual /etc/ppp/options.ttyname files for
every serial port on a dial-in server with a modem attached. Typical options
include the following:

IP address required by the dial-in server

Set this option if you require incoming callers on serial port ttyname to use a particular IP address. Your address space might have a limited number of IP addresses that are available for PPP in comparison to the number of potential callers. In this situation, consider assigning an IP address to each serial interface that is used for PPP on the dial-in server. This assignment implements dynamic addressing for PPP.

asyncmap map-value

The asyncmap option maps control characters that cannot be received over the serial line by the particular modem or ISDN TA. When the xonxoff option is used, pppd automatically sets an asyncmap of 0xa0000.

map-value states, in hexadecimal format, the control characters that are problematic.

init "chat -U -f /etc/ppp/mychat"

The init option tells the modem to initialize communications over the serial line by using the information in the chat -U command. The modem uses the chat string in the file /etc/ppp/mychat.

Security parameters that are listed in the pppd(1M) man page

Using /etc/ppp/options.ttyname on a Dial-out Machine

For a dial-out system, you can create an /etc/ppp/options.ttyname file for the serial port
that is connected to the modem, or choose not to use /etc/ppp/options.ttyname.

Note - Solaris PPP 4.0 does not require an /etc/ppp/options.ttyname file to work
correctly. A dial-out machine might have only one serial line for
PPP. Furthermore, the dial-out machine might require few options. You can specify
any required options in another configuration file or on the command line.

options.ttya.tmpl Template File

The /etc/ppp/options.ttya.tmpl file contains helpful comments about the /etc/ppp/options.tty-name file. The template contains
three common options for the /etc/ppp/options.tty-name file.

38400
asyncmap 0xa0000
:192.168.1.1

| Option | Definition |
|---|---|
| 38400 | Use this baud rate for port ttya. |
| asyncmap 0xa0000 | Assign the asyncmap value of 0xa0000 so that the local machine can communicate with broken peers. |
| :192.168.1.1 | Assign the IP address 192.168.1.1 to all peers that are calling in over the link. |

To use /etc/ppp/options.ttya.tmpl at your site, rename /etc/ppp/options.tmpl to /etc/ppp/options.ttya-name. Replace ttya-name with
the name of the serial port with the modem. Then modify the file
contents as needed by your site.

Where to Find Examples of the /etc/ppp/options.ttyname Files

To find examples of the /etc/ppp/options.ttyname files, refer to the following: